Malware Analysis Report

2025-01-18 00:19

Sample ID 240613-l5q23atgnc
Target a500a4b505c565d54fa56aff0989a2ab_JaffaCakes118
SHA256 2dd4acfbd1999adc2e2b23f66ce7e06819389f28066bc1c48bd28b514bb739b8
Tags
score
4/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
4/10

SHA256

2dd4acfbd1999adc2e2b23f66ce7e06819389f28066bc1c48bd28b514bb739b8

Threat Level: Likely benign

The file a500a4b505c565d54fa56aff0989a2ab_JaffaCakes118 was found to be: Likely benign.

Malicious Activity Summary


Drops file in Windows directory

Unsigned PE

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-13 10:07

Signatures

Unsigned PE

Description Indicator Process Target
N/A N/A N/A N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-13 10:07

Reported

2024-06-13 10:09

Platform

win7-20240221-en

Max time kernel

122s

Max time network

123s

Command Line

"C:\Users\Admin\AppData\Local\Temp\a500a4b505c565d54fa56aff0989a2ab_JaffaCakes118.exe"

Signatures

Drops file in Windows directory

Description Indicator Process Target
File created C:\Windows\dextor32.exe C:\Users\Admin\AppData\Local\Temp\a500a4b505c565d54fa56aff0989a2ab_JaffaCakes118.exe N/A

Processes

C:\Users\Admin\AppData\Local\Temp\a500a4b505c565d54fa56aff0989a2ab_JaffaCakes118.exe

"C:\Users\Admin\AppData\Local\Temp\a500a4b505c565d54fa56aff0989a2ab_JaffaCakes118.exe"

Network

N/A

Files

C:\Windows\Temp\CKY3 - Bam Margera World Industries Alien Workshop Full Downloader.exe

MD5 a500a4b505c565d54fa56aff0989a2ab
SHA1 7f4e7af55d73e52851be6001f871b3ad2a08b088
SHA256 2dd4acfbd1999adc2e2b23f66ce7e06819389f28066bc1c48bd28b514bb739b8
SHA512 6fbec513e227868b7c6185970ce79480e03a779b65ed42a2c0e81d3b58a8e6bdead66d180a44c92fdb7994c2209b864ef88f6e5d94fdbe49900116d90f5dea28

memory/2128-101-0x0000000000400000-0x0000000000425000-memory.dmp

Analysis: behavioral2

Detonation Overview

Submitted

2024-06-13 10:07

Reported

2024-06-13 10:09

Platform

win10v2004-20240508-en

Max time kernel

51s

Max time network

52s

Command Line

"C:\Users\Admin\AppData\Local\Temp\a500a4b505c565d54fa56aff0989a2ab_JaffaCakes118.exe"

Signatures

Drops file in Windows directory

Description Indicator Process Target
File created C:\Windows\dextor32.exe C:\Users\Admin\AppData\Local\Temp\a500a4b505c565d54fa56aff0989a2ab_JaffaCakes118.exe N/A

Processes

C:\Users\Admin\AppData\Local\Temp\a500a4b505c565d54fa56aff0989a2ab_JaffaCakes118.exe

"C:\Users\Admin\AppData\Local\Temp\a500a4b505c565d54fa56aff0989a2ab_JaffaCakes118.exe"

Network

Files

C:\Windows\Temp\CKY3 - Bam Margera World Industries Alien Workshop Full Downloader.exe

MD5 a500a4b505c565d54fa56aff0989a2ab
SHA1 7f4e7af55d73e52851be6001f871b3ad2a08b088
SHA256 2dd4acfbd1999adc2e2b23f66ce7e06819389f28066bc1c48bd28b514bb739b8
SHA512 6fbec513e227868b7c6185970ce79480e03a779b65ed42a2c0e81d3b58a8e6bdead66d180a44c92fdb7994c2209b864ef88f6e5d94fdbe49900116d90f5dea28

memory/4592-101-0x0000000000400000-0x0000000000425000-memory.dmp